All of times I've found myself in a situation where I need to get a little bit of data on to or off of a server somewhere. Copy & paste works in some cases but not always. Another option is a service like Pastebin but it's not cool for sensitive info like config files because even though you can easily forget to delete them when you're done.

That's where a one-time secret comes in: a long, unique URI that only works once.

Installation

Our "official" tool is written in Ruby and available via Rubygems.org:

Retrieving a message

Or simply go to the onetimesecret.com URI and copy the message from there.

Advanced options

Beyond the basic usage, there are some other features that might interest you as well.

Include a passphrase

For very sensitive data you will want to include a passphrase so that even if someone finds the secret link while it's still available, the won't be able to see the message unless they know the passphrase. We include the passphrase in the encryption key which guarantees that only you or the recipient can view the content.

I worked on a new UI over the weekend and pushed it live today. Thanks to Twitter's Bootstrap framework it's cleaner, easier to use, and works great on small (mobile) screens too. Here are a couple comparisons (old vs new):

Homepage

Created secret

Shared secret

We launched One-Time Secret on November 8th, 2011. Today we're happy to announce the first opensource release of the One-Time Secret codebase under the MIT License. This is something we wanted to do from the very beginning but life and other work got in the way. It's important that we do everything we can to earn and maintain your trust and this is a crucial step in that direction. Also, it's just the right thing to do.

Bring on the bugs!

We're expecting (and hoping) this will help us discover (and resolve) more bugs. If you find a bug, open a issue. If you have a feature request, you can open an issue for that too.

If you find a security related bug, let us know as soon as you can. We will disclose all serious issues here on this blog.

Business subscription plans are deprecated

We're also announcing the deprecation of our Basic, Professional, and Agency subscription plans. Customers using these plans will be able to continue to use them. (Note: we are still available for custom installs).

What's next

We have a bunch of new stuff planned for this year including some oft-requested new features and a mobile app. Drop me a line if you're interested to help and want to know more.

What is a One-Time Secret?

A one-time secret is a link that can be viewed only one time. A single-use URL.

Why would I want to use it?

When you send people sensitive info like passwords and private links via email or chat, there are copies of that information stored in many places. If you use a one-time link instead, the information persists for a single viewing which means it can't be read by someone else later. This allows you to send sensitive information in a safe way knowing it's seen by one person only. Think of it like a self-destructing message.